From 0416e5670d4991b2846d732b8bb12c3844b17b45 Mon Sep 17 00:00:00 2001 From: Tal Aloni Date: Sat, 20 May 2023 00:57:05 +0300 Subject: [PATCH] NTLMCryptography: Add .NET 5.0 \ 6.0 support --- .../NTLM/NTLMAuthenticationTests.cs | 12 ++++++- .../NTLM/Helpers/NTLMCryptography.cs | 31 +++++++++++++++---- 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/SMBLibrary.Tests/NTLM/NTLMAuthenticationTests.cs b/SMBLibrary.Tests/NTLM/NTLMAuthenticationTests.cs index 224da07..a96979d 100644 --- a/SMBLibrary.Tests/NTLM/NTLMAuthenticationTests.cs +++ b/SMBLibrary.Tests/NTLM/NTLMAuthenticationTests.cs @@ -1,4 +1,4 @@ -/* Copyright (C) 2014-2019 Tal Aloni . All rights reserved. +/* Copyright (C) 2014-2023 Tal Aloni . All rights reserved. * * You can redistribute this program and/or modify it under the terms of * the GNU Lesser Public License as published by the Free Software Foundation, @@ -27,6 +27,15 @@ namespace SMBLibrary.Tests Assert.IsTrue(ByteUtils.AreByteArraysEqual(hash, expected)); } + // Will use weak DES key + [TestMethod] + public void LMv1HashTestEmptyPassword() + { + byte[] hash = NTLMCryptography.LMOWFv1(""); + byte[] expected = new byte[] { 0xaa, 0xd3, 0xb4, 0x35, 0xb5, 0x14, 0x04, 0xee, 0xaa, 0xd3, 0xb4, 0x35, 0xb5, 0x14, 0x04, 0xee }; + Assert.IsTrue(ByteUtils.AreByteArraysEqual(hash, expected)); + } + [TestMethod] public void NTv1HashTest() { @@ -155,6 +164,7 @@ namespace SMBLibrary.Tests public void TestAll() { LMv1HashTest(); + LMv1HashTestEmptyPassword(); NTv1HashTest(); NTv2HashTest(); LMv1ResponseTest(); diff --git a/SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs b/SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs index 5dcdc2e..0754520 100644 --- a/SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs +++ b/SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs @@ -1,4 +1,4 @@ -/* Copyright (C) 2014-2017 Tal Aloni . All rights reserved. +/* Copyright (C) 2014-2023 Tal Aloni . All rights reserved. * * You can redistribute this program and/or modify it under the terms of * the GNU Lesser Public License as published by the Free Software Foundation, @@ -78,11 +78,26 @@ namespace SMBLibrary.Authentication.NTLM { DES des = DES.Create(); des.Mode = mode; - DESCryptoServiceProvider sm = des as DESCryptoServiceProvider; - MethodInfo mi = sm.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance); - object[] Par = { rgbKey, mode, rgbIV, sm.FeedbackSize, 0 }; - ICryptoTransform trans = mi.Invoke(sm, Par) as ICryptoTransform; - return trans; + ICryptoTransform transform; + if (DES.IsWeakKey(rgbKey) || DES.IsSemiWeakKey(rgbKey)) + { +#if NETSTANDARD2_0 + MethodInfo getTransformCoreMethodInfo = des.GetType().GetMethod("CreateTransformCore", BindingFlags.NonPublic | BindingFlags.Static); + object[] getTransformCoreParameters = { mode, des.Padding, rgbKey, rgbIV, des.BlockSize / 8 , des.FeedbackSize / 8, des.BlockSize / 8, true }; + transform = getTransformCoreMethodInfo.Invoke(null, getTransformCoreParameters) as ICryptoTransform; +#else + DESCryptoServiceProvider desServiceProvider = des as DESCryptoServiceProvider; + MethodInfo newEncryptorMethodInfo = desServiceProvider.GetType().GetMethod("_NewEncryptor", BindingFlags.NonPublic | BindingFlags.Instance); + object[] encryptorParameters = { rgbKey, mode, rgbIV, desServiceProvider.FeedbackSize, 0 }; + transform = newEncryptorMethodInfo.Invoke(desServiceProvider, encryptorParameters) as ICryptoTransform; +#endif + } + else + { + transform = des.CreateEncryptor(rgbKey, rgbIV); + } + + return transform; } /// @@ -123,7 +138,11 @@ namespace SMBLibrary.Authentication.NTLM public static Encoding GetOEMEncoding() { +#if NETSTANDARD2_0 + return ASCIIEncoding.GetEncoding(28591); +#else return Encoding.GetEncoding(CultureInfo.CurrentCulture.TextInfo.OEMCodePage); +#endif } ///